sap_vm_provision: allow private dns in separate resource group
sean-freeman committed Apr 20, 2024
1 parent 06c3b62 commit d44efd3
Showing 6 changed files with 45 additions and 10 deletions.
6 changes: 6 additions & 0 deletions roles/sap_vm_provision/README.md
@@ -162,6 +162,12 @@ This required structure will:
var: groups
```
### Design assumptions with execution impact
- For Hyperscaler Cloud Service Providers that use Resource Groups (IBM Cloud, Microsoft Azure):
- Virtual Machine and associated resources (Disks, Network Interfaces, Load Balancer etc.) will be provisioned to the same Resource Group as the targeted network/subnet.
- Optional: Private DNS may be allocated to another Resource Group, and an optional variable is provided for this.
### Tags to control execution
There are no tags used to control the execution of this Ansible Role
4 changes: 3 additions & 1 deletion roles/sap_vm_provision/defaults/main.yml
@@ -23,7 +23,7 @@ sap_vm_provision_bastion_user: ""

sap_vm_provision_ssh_bastion_private_key_file_path: ""
sap_vm_provision_ssh_host_private_key_file_path: ""
sap_vm_provision_ssh_host_public_key_file_path: "{{ sap_vm_provision_ssh_host_private_key_file_path + '.pub' }}"
sap_vm_provision_ssh_host_public_key_file_path: "{{ sap_vm_provision_ssh_host_private_key_file_path + '.pub' }}" # used for gcp_ce_vm, ibmpowervm_vm, kubevirt_vm, vmware_vm


####
@@ -137,6 +137,7 @@ sap_vm_provision_ibmcloud_resource_group_name: ""
sap_vm_provision_ibmcloud_region: "{{ sap_vm_provision_ibmcloud_availability_zone | regex_replace('-[0-9]', '') }}"
sap_vm_provision_ibmcloud_availability_zone: ""
sap_vm_provision_ibmcloud_private_dns_instance_name: ""
# sap_vm_provision_ibmcloud_private_dns_resource_group_name: "" # optional, default use of sap_vm_provision_ibmcloud_resource_group_name
sap_vm_provision_ibmcloud_vpc_name: ""
sap_vm_provision_ibmcloud_vpc_subnet_name: ""
sap_vm_provision_ibmcloud_vpc_sg_names: "" # comma-separated, if ansible_to_terraform then ignore this variable
@@ -156,6 +157,7 @@ sap_vm_provision_msazure_app_client_secret: ""
sap_vm_provision_msazure_resource_group_name: ""
sap_vm_provision_msazure_location_region: ""
sap_vm_provision_msazure_location_availability_zone_no: 1
# sap_vm_provision_msazure_private_dns_resource_group_name: "" # optional, default use of sap_vm_provision_msazure_resource_group_name
sap_vm_provision_msazure_vnet_name: ""
sap_vm_provision_msazure_vnet_subnet_name: ""
sap_vm_provision_msazure_key_pair_name_ssh_host_public_key: ""
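Review bot: The comments on the two new commented-out variables, `sap_vm_provision_ibmcloud_private_dns_resource_group_name` and `sap_vm_provision_msazure_private_dns_resource_group_name`, describe the fallback but not the access the option implies. Setting either one points the Private DNS lookups and record writes at a second Resource Group, so the IBM Cloud API key or the Azure app client presumably needs rights there too; an identity scoped only to the VM Resource Group would fail at the DNS tasks. I would extend each comment, for example `# optional, default use of sap_vm_provision_msazure_resource_group_name; the app client also needs access to Private DNS in this Resource Group`, and repeat that in the README section added by this commit. Limiting that grant to the Private DNS zone rather than the whole Resource Group keeps the extra access narrow.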
@@ -55,6 +55,14 @@
ibm.cloudcollection.ibm_resource_group_info:
name: "{{ sap_vm_provision_ibmcloud_resource_group_name }}"

# DNS may exist in separate Resource Group
# Use empty string var (or default false if undefined) to evaluate to false boolean
- name: Identify Resource Group info for Private DNS
register: register_ibmcloud_resource_group_dns
ibm.cloudcollection.ibm_resource_group_info:
name: "{{ sap_vm_provision_ibmcloud_private_dns_resource_group_name }}"
when: (sap_vm_provision_ibmcloud_private_dns_resource_group_name | default(false))

- name: Identify IBM Power Infrastructure Workspace
register: register_ibmcloud_power_iaas_workspace_service_instance
ibm.cloudcollection.ibm_resource_instance_info:
@@ -86,10 +94,12 @@
ibm.cloudcollection.ibm_pi_catalog_images_info:
pi_cloud_instance_id: "{{ register_ibmcloud_power_iaas_workspace_service_instance.resource.guid }}" # must be GUID, not CRN

# DNS may exist in separate Resource Group
# If previous identification task is skipped, use resource group else use the resource group defined for the Private DNS
- name: Identify Private DNS instance
register: register_ibmcloud_pdns_service_instance
ibm.cloudcollection.ibm_resource_instance_info:
resource_group_id: "{{ register_ibmcloud_resource_group.resource.id }}"
resource_group_id: "{{ register_ibmcloud_resource_group.resource.id if register_ibmcloud_resource_group_dns is skipped else register_ibmcloud_resource_group_dns.resource.id }}"
location: global
service: dns-svcs
name: "{{ sap_vm_provision_ibmcloud_private_dns_instance_name }}"
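Review bot: The condition on the new "Identify Resource Group info for Private DNS" task, `when: (sap_vm_provision_ibmcloud_private_dns_resource_group_name | default(false))`, evaluates to the Resource Group name string rather than a boolean, so it depends on string truthiness. An explicit test such as `when: (sap_vm_provision_ibmcloud_private_dns_resource_group_name | default('', true) | length) > 0` states the intent and also covers the variable being set to null. Newer ansible-core releases are stricter about non-boolean conditional results, which is worth confirming against the versions this role supports. The later `resource_group_id` expression keyed on `register_ibmcloud_resource_group_dns is skipped` stays correct with that change. The same task and expression are added in the next file section on this page, and both task lists continue outside the hunks shown.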
@@ -11,6 +11,14 @@
ibm.cloudcollection.ibm_resource_group_info:
name: "{{ sap_vm_provision_ibmcloud_resource_group_name }}"

# DNS may exist in separate Resource Group
# Use empty string var (or default false if undefined) to evaluate to false boolean
- name: Identify Resource Group info for Private DNS
register: register_ibmcloud_resource_group_dns
ibm.cloudcollection.ibm_resource_group_info:
name: "{{ sap_vm_provision_ibmcloud_private_dns_resource_group_name }}"
when: (sap_vm_provision_ibmcloud_private_dns_resource_group_name | default(false))

- name: Identify pre-loaded SSH Public Key info
register: register_ibmcloud_ssh_public_key
ibm.cloudcollection.ibm_is_ssh_key_info:
@@ -27,10 +35,12 @@
name: "{{ item }}"
loop: "{{ sap_vm_provision_ibmcloud_vpc_sg_names | split(',') }}"

# DNS may exist in separate Resource Group
# If previous identification task is skipped, use resource group else use the resource group defined for the Private DNS
- name: Identify Private DNS instance
register: register_ibmcloud_pdns_service_instance
ibm.cloudcollection.ibm_resource_instance_info:
resource_group_id: "{{ register_ibmcloud_resource_group.resource.id }}"
resource_group_id: "{{ register_ibmcloud_resource_group.resource.id if register_ibmcloud_resource_group_dns is skipped else register_ibmcloud_resource_group_dns.resource.id }}"
location: global
service: dns-svcs
name: "{{ sap_vm_provision_ibmcloud_private_dns_instance_name }}"
@@ -26,7 +26,8 @@

- name: Get Private DNS Zone Virtual Network Links
azure.azcollection.azure_rm_privatednszonelink_info:
resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}"
# DNS may exist in separate Resource Group. Use empty string var (or default false if undefined) to evaluate to false boolean, and use Python or logic operator
resource_group: "{{ (sap_vm_provision_msazure_private_dns_resource_group_name | default(false)) or sap_vm_provision_msazure_resource_group_name }}"
zone_name: "{{ sap_vm_provision_dns_root_domain }}"
register: __sap_vm_provision_msazure_private_dns_virtual_network_links

@@ -76,7 +77,8 @@
# Create "A" (IPv4 Address) Resource Record to map IPv4 address as hostname / subdomain of the root domain name
- name: Ansible MS Azure Private DNS Records for hosts
azure.azcollection.azure_rm_privatednsrecordset:
resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}"
# DNS may exist in separate Resource Group. Use empty string var (or default false if undefined) to evaluate to false boolean, and use Python or logic operator
resource_group: "{{ (sap_vm_provision_msazure_private_dns_resource_group_name | default(false)) or sap_vm_provision_msazure_resource_group_name }}"
zone_name: "{{ hostvars[inventory_hostname].sap_vm_provision_dns_root_domain }}"
relative_name: "{{ inventory_hostname }}"
record_type: A
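Review bot: The same fallback expression for `resource_group` is written out in both tasks here and five more times in the next file section (two of them inside commented-out tasks), each with the same long comment placed inside the module arguments. Resolving it once keeps the call sites from drifting apart, for instance a role variable (the name is only a suggestion) `__sap_vm_provision_msazure_private_dns_resource_group: "{{ (sap_vm_provision_msazure_private_dns_resource_group_name | default(false)) or sap_vm_provision_msazure_resource_group_name }}"`, used as `resource_group: "{{ __sap_vm_provision_msazure_private_dns_resource_group }}"`. Because these tasks create DNS records, a single resolved value also makes it simple to print or assert which Resource Group will be written to before the record tasks run. The argument lists of both tasks continue outside the hunks.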
@@ -23,7 +23,8 @@

- name: Ansible MS Azure Private DNS Records for SAP HANA HA Virtual Hostname
azure.azcollection.azure_rm_privatednsrecordset:
resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}"
# DNS may exist in separate Resource Group. Use empty string var (or default false if undefined) to evaluate to false boolean, and use Python or logic operator
resource_group: "{{ (sap_vm_provision_msazure_private_dns_resource_group_name | default(false)) or sap_vm_provision_msazure_resource_group_name }}"
zone_name: "{{ hostvars[host_node].sap_vm_provision_dns_root_domain }}"
relative_name: "{{ sap_swpm_db_host }}"
record_type: A
@@ -53,7 +54,8 @@

- name: Ansible MS Azure Private DNS Records for SAP NetWeaver ASCS HA Virtual Hostname
azure.azcollection.azure_rm_privatednsrecordset:
resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}"
# DNS may exist in separate Resource Group. Use empty string var (or default false if undefined) to evaluate to false boolean, and use Python or logic operator
resource_group: "{{ (sap_vm_provision_msazure_private_dns_resource_group_name | default(false)) or sap_vm_provision_msazure_resource_group_name }}"
zone_name: "{{ hostvars[host_node].sap_vm_provision_dns_root_domain }}"
relative_name: "{{ sap_swpm_ascs_instance_hostname }}"
record_type: A
@@ -83,7 +85,8 @@

- name: Ansible MS Azure Private DNS Records for SAP NetWeaver ERS HA Virtual Hostname
azure.azcollection.azure_rm_privatednsrecordset:
resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}"
# DNS may exist in separate Resource Group. Use empty string var (or default false if undefined) to evaluate to false boolean, and use Python or logic operator
resource_group: "{{ (sap_vm_provision_msazure_private_dns_resource_group_name | default(false)) or sap_vm_provision_msazure_resource_group_name }}"
zone_name: "{{ hostvars[host_node].sap_vm_provision_dns_root_domain }}"
relative_name: "{{ sap_swpm_ers_instance_hostname }}"
record_type: A
@@ -115,7 +118,8 @@

# - name: Ansible MS Azure Private DNS Records for SAP NetWeaver PAS HA Virtual Hostname
# azure.azcollection.azure_rm_privatednsrecordset:
# resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}"
# # DNS may exist in separate Resource Group. Use empty string var (or default false if undefined) to evaluate to false boolean, and use Python or logic operator
# resource_group: "{{ (sap_vm_provision_msazure_private_dns_resource_group_name | default(false)) or sap_vm_provision_msazure_resource_group_name }}"
# zone_name: "{{ hostvars[host_node].sap_vm_provision_dns_root_domain }}"
# relative_name: "{{ sap_swpm_pas_instance_hostname }}"
# record_type: A
@@ -145,7 +149,8 @@

# - name: Ansible MS Azure Private DNS Records for SAP NetWeaver AAS HA Virtual Hostname
# azure.azcollection.azure_rm_privatednsrecordset:
# resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}"
# # DNS may exist in separate Resource Group. Use empty string var (or default false if undefined) to evaluate to false boolean, and use Python or logic operator
# resource_group: "{{ (sap_vm_provision_msazure_private_dns_resource_group_name | default(false)) or sap_vm_provision_msazure_resource_group_name }}"
# zone_name: "{{ hostvars[host_node].sap_vm_provision_dns_root_domain }}"
# relative_name: "{{ sap_swpm_aas_instance_hostname }}"
# record_type: A